Aight this is my first post so yea
I've been doing a lot of stuff with ida and amrts and so far it wont be possible to launch studio cause the runcode is missing form the game it gets removed when they compiled the game due to ifdef but it is possible to add it back
so there is no need to mess around with the .cfg files as that will get you no where
so what i've been doing is finding the studio function address in ida pro by using dr2 source code cause amrts is built off of it
TOOLS
Here is some tools that I use some created by me some not
https://mega.nz/#F!gwQXXYzS!NiizWJGdD_diBNWUBHUzXw
Drcrc.exe - this will create a crc32 - copy some text then open drcrc then paste somewhere
TGAViewer.zip - this is a TGA viewer i made - just put both files "TGA Viewer.exe" and "TargaImage.dll" in the same folder and drag a .tga file on to the "TGA Viewer.exe" to view the image, or you can set .tga to open "TGA Viewer.exe" by default. I made it cause its quick and doesnt take ages to open other image programs
DOCS
I unlocked Studio mode btw here is the file you need
https://mega.nz/#!9ggnBaRC!9gohUi0E5-Rb ... YW0G3B2pzM
read this forum first though
viewtopic.php?f=10&t=2681
Here is a link to all Strings inside of the AMRTS exe
https://pastebin.com/7SJLzTn8
STUDIO PART
in army men rts this is the setting up runcode part
Code: Select all
int __stdcall WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nShowCmd)
{
sub_4D6590();
sub_4B3470(hInstance, lpCmdLine);
sub_4B6520(&unk_7288E0, aStart, (int)sub_403E40, (int)sub_403DE0, (int)sub_403E70, 0, 0);
sub_4B6520(&unk_7288E0, aIntro, (int)sub_403FD0, (int)sub_403F10, (int)sub_404100, 0, 0);
sub_4B6520(&unk_7288E0, aShell, (int)sub_404170, (int)unknown_libname_12, (int)sub_404180, 0, 0);
sub_4B6520(&unk_7288E0, aMission, (int)unknown_libname_14, (int)sub_404190, (int)sub_404210, 0, 0);
sub_4D0A60(sub_4038B0);
sub_4B34C0();
return 0;
}
Code: Select all
int __stdcall WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nShowCmd)
{
sub_451D53();
sub_5E5BB9(hInstance, lpCmdLine);
sub_5EB9E0(aKeycheck, unknown_libname_1056, unknown_libname_1054, unknown_libname_1057, 0, sub_4E2219);
sub_5EB9E0(aIntro, sub_4E22F8, sub_4E227F, sub_4E233B, 0, 0);
sub_5EB9E0(aLogin, unknown_libname_1059, unknown_libname_1058, unknown_libname_1060, 0, sub_4E2380);
sub_5EB9E0(aShell, unknown_libname_1061, sub_4E23A7, unknown_libname_1062, 0, 0);
sub_5EB9E0(aMission, sub_4E246E, sub_4E23F8, sub_4E247D, 0, 0);
sub_5EB9E0(aOutro, unknown_libname_1064, unknown_libname_1063, unknown_libname_1065, 0, 0);
sub_5EB9E0(aStudio, sub_402D11, sub_402BED, sub_402CA7, unknown_libname_13, 0);
sub_5EB9E0(aMeshview, sub_50BD82, sub_506855, sub_50739C, 0, 0);
sub_448394(sub_4E1A32);
sub_5E5C19();
return 0;
}
so far ive managed to find functions the same to dr2 and almost finished finding the complete runcode for studio
sub_4B6520(&unk_7288E0, aStudio, unknown_libname_14, sub_539FD0, ADDME, ADDME, 0);
oh and some very useful info is that dr2 Crc32 check is the exact same in amrts its the same key
if anyone has a .pdb file of army men rts I'd love if you could send it to me as I could get studio working in 10-20 mins as the pdb file renames all of the sub_ functions to their original function names given when creating the game
an example of this is you see the dr2 code when i load the pdb file it get changed in to this for example
Code: Select all
sub_5EB9E0(aStudio, sub_402D11, sub_402BED, sub_402CA7, unknown_libname_13, 0);
Code: Select all
RunCodes::Register(
&Main::runCodes,
aStudio,
Studio::Process,
Studio::Init,
Studio::Done,
Studio::PostInit,
0);
So i have figured out how to change cheat codes and what they do
how i figured this is out is for some reason when you enter a cheat code it gets converted from a string into a hex value(crc32)
so i have a tool that allows me to convert the string into crc32 hex value
Code: Select all
case 0x0A56CA72: // "ahoy captain dan"
case 0x58BA38CB: // "zap me"
case 0xECB07CC9: // "fantastic plastic"
case 0x256B72A3: // "color me stupid"
case 0x93F36B7A: // "punch line"
case 0xB858AB53: // "brain sick"
case 0x5DB41C47: // "kick some butt"
to change them in ida pro i searched for 58BA38CB which is zap me
i found the following
and with that i can change all of the cheats so i can make kick some butt do tons of damage
I will release an OP version of the game when im done
Game Bonuses
Discoveries DR2 & AMRTS
Disturbing discovery in DR2 Source code
dw tho this gets removed from the game when compiling if the release is set to release and not development
Cheats
here you will find tools that I have created that will allow you to cheat in the game via using dr2 and rts memory addresses/functions